Middleboxes as a cloud service
Speaker: Justine Sherry, University of California at Berkeley
Location: Warren Weaver Hall 1302
Date: April 1, 2016, 11:30 a.m.
Host: Subhash Khot
Today's networks do much more than merely deliver packets. Through the deployment of middleboxes, enterprise networks today provide improved security -- e.g., filtering malicious content -- and performance capabilities -- e.g., caching frequently accessed content. Although middleboxes are deployed widely in enterprises, they bring with them many challenges: they are complicated to manage, expensive, prone to failures, and challenge privacy expectations.
In this talk, we aim to bring the benefits of cloud computing to networking. We argue that middlebox services can be outsourced to cloud providers in a similar fashion to how mail, compute, and storage are today outsourced. We begin by presenting APLOMB, a system that allows enterprises to outsource middlebox processing to a third party cloud or ISP. For enterprise networks, APLOMB can reduce costs, ease management, and provide resources for scalability and failover. For service providers, APLOMB offers new customers and business opportunities, but also presents new challenges. Middleboxes have tighter performance demands than existing cloud services, and hence supporting APLOMB requires redesigning software at the cloud. We re-consider classical cloud challenges including fault-tolerance and privacy, showing how to implement middlebox software solutions with throughput and latency 2-4 orders of magnitude more efficient than general-purpose cloud approaches. Some of the technologies discussed in this talk are presently being adopted by industrial systems used by cloud providers and ISPs.
Justine Sherry is a computer scientist and doctoral candidate at UC Berkeley. Her interests are in computer networking; her work includes middleboxes, networked systems, measurement, cloud computing, and congestion control. Justine's dissertation focuses on new opportunities and challenges arising from the deployment of middleboxes -- such as firewalls and proxies -- as services offered by clouds and ISPs. Justine received her MS from UC Berkeley in 2012, and her BS and BA from the University of Washington in 2010. She is an NSF Graduate Research Fellow, has won paper awards from both USENIX NSDI and ACM SIGCOMM, and is always on the lookout for a great cappuccino.
In-person attendance only available to those with active NYU ID cards.